Adblock support thread

Sorry if this has been asked before but I've recently switched from Pi-hole to Adblock on OpenWrt to reduce complexity. I like the built in force DNS, email and DNS stats.

The one thing I've noticed is the block and allow lists don't support regex inputs, only domains. Is there any chance in the future for these to be regex aware at all? I'm aware this will add complexity and possibly additional memory requirements to parse regex rules, but can reduce the amount of overall domain entries in some cases.

Nope, regex are not supported in dns backends like dnsmasq, unbound, bind or kresd.

Can you give an example, pls, where regex would be desirable ?

Thanks for your reply. No worries, thought I'd just ask. Coming from Pi-Hole more recently regex support was added for the allow and block lists, I assume they are translating the regex into plain domain entries before going into dnsmasq.

Basic example say for multiple clientsx.google.com domains.

Manually:

clients1.google.com
clients2.google.com
clients3.google.com
clients4.google.com
clients5.google.com
clients6.google.com

Regex:

clients[1-6].google.com$

Nope, they're using a dnsmasq fork called FTL with pihole specific enhancements.

1 Like

Sorry, I meant a real world example.

Being able to reduce the amount of overall domain rules I guess? If you can write a single rule that collapses several explicit domain rules that is less rules overall to have to manage but comes with memory and performance issues I'd imagine given regex can be inefficient with resources in some scenarios.

Not major though. I just wondered I only had a few in Pi-Hole previously.

Just note: in master there is a new adblock version 4.1.1 (version history see first post). There is one new feature to support client segregation based on their IP address:

* support the RPZ trigger 'RPZ-CLIENT-IP' to always allow/block certain clients based on their IP (currently only supported by bind!)

In LuCI you'll find two new input fields under "Advanced DNS Settings", e.g.

As noted, this RPZ-trigger feature is currently only supported in bind but hopefully unbound and kresd will follow sometime ... :wink:

For details check https://tools.ietf.org/id/draft-vixie-dnsop-dns-rpz-00.html#rfc.section.4.1

1 Like

reg_pl1's address is now https://raw.githubusercontent.com/PolishFiltersTeam/KAD/master/KAD.txt I believe

utcapitole is giving me issues as well, but not sure as to the cause as the extracted link works fine:

Tue Apr 20 03:21:08 2021 user.info adblock-4.0.7[9120]: download of 'utcapitole' failed, url: https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz, rule: /^([[:alnum:]_-]{1,63}\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}, categories: publicite bitcoin cryptojacking ddos malware phishing warez, rc: 0, log: Downloading 'htt/tmp/tmp.ALpppF/blac  34% |**********                     |  6816k  0:00:14 ETA3.49.48.249:443 Writing to '/tmp/tmp.ALpppF/blacklists.tar.gz'
Tue Apr 20 03:21:08 2021 user.info adblock-4.0.7[9120]: archive extraction of 'utcapitole' failed, categories: publicite bitcoin cryptojacking ddos malware phishing warez, entries: , rc: 0

Disk and RAM seem ok space wise..

utcapitole works for me - seems to be a local download issue. The regional poland list has been already updated in current master, but I forgot to update 19.07 branch as well ... will do this in the next couple of days.

Thanks!

I'm going full ham with the lists, as in just about all of the lists are being parsed (3+ mil). So it's seems to be about a 50/50 shot of loading them/erroring completely or working fine.

What is error 76 if I may? I know 78 is a config error, but I'm trying to get gmail to function now.

HI @dibdot ...

Would it be possible to generate a report to analyze only the NX records?

If so, how could I do that?

Just filter for 'NX', e.g.:
refresh

I can't recommend such configs ... anyway to increase your chances of successful processing reduce the 'Download Queue' to 1 or 2 to reduce the tasks that are running in parallel.

Thanks friend!

I need some help with NX records...

See the picture please:

As you can see in the image, I have several NX records pointing to *.neonprd.corp ...

This happens when I connect to the company that I work using VPN software, in this case, Palo Alto Networks Global Protect software ...,

I do not know how to provide more details because the security personnel do not pass it on to me, so I would like to try to release "everything" .neonprd.corp ... Would it be possible?

I tried to put "neonprd.corp", "neonprd" and "corp" in the whitelist and I still receive the NX records pointing to the mentioned domains.

Can you help me with this?

Yep, just add 'neonprd.corp' to your whitelist and reload adblock. But I doubt that this will fix your problem ... most probably the NX does not belong to adblock at all ... most probably your local DNS can't resolve this (internal) domain. Try suspending adblock and try again ...

please don't crosspost in multiple threads!

1 Like

sorry, I removed my reply

Hi, I just installed Adblock 4.07 on my Archer C7 v2, running OpenWRT 19.07.7. Adblock starts and runs, but doesn't seem to be blocking any ads. The DNS report shows that items are being blocked, but it is mostly crashlytics.com and icloud.com. I added one additional list (shallalist) to see what would happen, but ads still remain. I'm testing against Yahoo Mail, macrumors.com, and cnn.com.

Any ideas what I'm doing wrong? Thanks!

Update: Ad blocking works on my phone, but not on my computer, even though both devices use the same wifi. ??

Update #2: Figured it out. When my VPN to work is active, ads aren't blocked. Blocking works when the VPN is disabled. However, I don't understand why that would be, since my understanding is that it's a split tunnel and only requests to servers in my work's network would go through the VPN.

# /etc/init.d/adblock status
::: adblock runtime information
  + adblock_status  : enabled
  + adblock_version : 4.0.7
  + blocked_domains : 71175
  + active_sources  : adaway adguard disconnect shallalist yoyo 
  + dns_backend     : dnsmasq, /tmp/dnsmasq.d
  + run_utils       : /usr/bin/wget, /usr/bin/awk
  + run_ifaces      : trigger: -, report: br-lan
  + run_directories : base: /tmp, backup: /tmp, report: /tmp, jail: /tmp
  + run_flags       : backup: 1, reset: 0, flush: 0, force: 0, search: 0, report: 1, mail: 0, jail: 0
  + last_run        : reload, 1m 28s, 124/74/57, 30.04.2021 12:21:46
  + system          : TP-Link Archer C7 v2, OpenWrt 19.07.7 r11306-c4a6851c72